
DEPARTMENT OF DEFENSE 
UNITED STATES CYBER COMMAND 

9800 SAVAGE ROAD, SUITE 6171 
FORT GEORGE G. MEADE, MARYLAND 20755 


JUN 1 1 2019 


Emma Best 
MuckRock News 
DEPT MR 73064 
411A Highland Ave 
Somerville, MA 02144-2516 


Dear Ms. Best, 

Thank you for your May 15, 2019 Freedom of Information Act (FOIA) request for “records 
relating to or mentioning Hacking Team”. 

As the initial denial authority, I am partially denying portions of the document under 5 U.S.C. §§ 
552(b)(1) and (b)(7)(E). The denied portions include classified national security information 
under the criteria of Executive Order 13526 (labeled as (b)(1)) and information that would 
disclose techniques and procedures for law enforcement investigations (labeled as (b)(7)(E)). 

If you are not satisfied with our action on this request, you may file an administrative appeal 
within 90 calendar days from the date of this letter. You may address it to ODCMO, Director of 
Oversight and Compliance, 4800 Mark Center Drive, ATTN: DPCLTD, FOIA Appeals, Mailbox 
#24, Alexandria VA 22350-1700. Email may be sent to osd.foia-appeal@mail.mil . All 
correspondence should reference FOIA case tracking number 19-R061. 

You may also contact the Office of Government Information Services (OGIS), which provides 
mediation services to help resolve disputes between FOIA requesters and Federal agencies. 

OGIS may be reached at ouis@nara.uov , 202-741-5770, and 1-877-684-6448. 



Sincerely, 
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S E CRET//REL - USA, FVEY 


Fallout from Hacking Team Breach: July 2015 


Indications & Warnings 


(U) Cyber breach against Italian company "The 
Hacking Team" - total exfil unknown; 400GB data 
publically posted 

-- T 
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(U) Windows Kernel "ATMFD.dll" vulnerability proof 
of concept available on Chinese blog (360.cn) 


(U) CVE-2015-5119 "ByteArray class" vulnerability 
exploit becomes publically available from Hacking 
Team leaked docs 


(U) CVE 2015 5122 "opaqueBackground" 
vulnerability exploit identified by FireEye from 
publically available leaked docs 


(U) CVE-2015-5123 (currently unnamed) vulnerability 
exploit identified by TrendMicro from publically 
available leaked docs 
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Hostility Observed 


As of: 12 0445Z July 2015 

Remediation 
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( S//R E L ) No indications 


(b) (1) 1.4 (a) 


(b) (7) (E) 
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(U) CVE-2015-5119 patch 
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( S//REL ) Possible exploit development and- 
targeting by I 



(b) (1) 1.4 (a) 
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Fallout from Hacking Team Breach: July 2015 


As of: 12 0445Z July 2015 
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